최신 312-39 무료덤프 - EC-COUNCIL Certified SOC Analyst (CSA)

문제1

Jony, a security analyst, while monitoring IIS logs, identified events shown in the figure below.

What does this event log indicate?

A. SQL Injection Attack

B. XSS Attack

C. Parameter Tampering Attack

D. Directory Traversal Attack

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제2

Which of the following event detection techniques uses User and Entity Behavior Analytics (UEBA)?

A. Rule-based detection

B. Anomaly-based detection

C. Signature-based detection

D. Heuristic-based detection

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제3

Which of the following process refers to the discarding of the packets at the routing level without informing the source that the data did not reach its intended recipient?

A. Rate Limiting

B. Black Hole Filtering

C. Load Balancing

D. Drop Requests

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제4

Which of the following formula represents the risk?

A. Risk = Likelihood × Impact × Severity

B. Risk = Likelihood × Impact × Asset Value

C. Risk = Likelihood × Consequence × Severity

D. Risk = Likelihood × Severity × Asset Value

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제5

An attacker, in an attempt to exploit the vulnerability in the dynamically generated welcome page, inserted code at the end of the company's URL as follows:
http://technosoft.com.com/<script>alert("WARNING: The application has encountered an error");</script>.
Identify the attack demonstrated in the above scenario.

A. SQL Injection Attack

B. Denial-of-Service Attack

C. Cross-site Scripting Attack

D. Session Attack

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제6

Which of the following security technology is used to attract and trap people who attempt unauthorized or illicit utilization of the host system?

A. Intrusion Detection System

B. De-Militarized Zone (DMZ)

C. Honeypot

D. Firewall

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제7

Which of the following data source will a SOC Analyst use to monitor connections to the insecure ports?

A. Netstat Data

B. DNS Data

C. IIS Data

D. DHCP Data

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제8

Which of the following command is used to enable logging in iptables?

A. $ iptables -A OUTPUT -j LOG

B. $ iptables -A INPUT -j LOG

C. $ iptables -B OUTPUT -j LOG

D. $ iptables -B INPUT -j LOG

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제9

What does [-n] in the following checkpoint firewall log syntax represents?
fw log [-f [-t]] [-n] [-l] [-o] [-c action] [-h host] [-s starttime] [-e endtime] [-b starttime endtime] [-u unification_scheme_file] [-m unification_mode(initial|semi|raw)] [-a] [-k (alert name|all)] [-g] [logfile]

A. Display detailed log chains (all the log segments a log record consists of)

B. Display account log records only

C. Speed up the process by not performing IP addresses DNS resolution in the Log files

D. Display both the date and the time for each log record

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제10

Identify the attack, where an attacker tries to discover all the possible information about a target network before launching a further attack.

A. DoS Attack

B. Ransomware Attack

C. Reconnaissance Attack

D. Man-In-Middle Attack

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

최신 312-39 무료덤프 - EC-COUNCIL Certified SOC Analyst (CSA)

우리와 연락하기

유용한 링크

최신 업데이트